Redhat

Enterprise Linux Workstation

1845 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-6927

  • EPSS 0.06%
  • Veröffentlicht 12.02.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:11:26

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

7.7

CVE-2018-1000026

  • EPSS 0.87%
  • Veröffentlicht 09.02.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:27

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear...

9.8

CVE-2018-6871

Exploit
  • EPSS 42.68%
  • Veröffentlicht 09.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:11:20

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

10

CVE-2018-4877

  • EPSS 5.04%
  • Veröffentlicht 06.02.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:07:37

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead t...

9.8

CVE-2018-4878

Warnung Medienbericht Exploit
  • EPSS 93.16%
  • Veröffentlicht 06.02.2018 21:29:00
  • Zuletzt bearbeitet 13.02.2025 17:38:59

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbi...

8.8

CVE-2018-6560

  • EPSS 0.09%
  • Veröffentlicht 02.02.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:10:54

In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in...

9.8

CVE-2018-6485

  • EPSS 0.73%
  • Veröffentlicht 01.02.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:45

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to ...

7.8

CVE-2018-1000001

Exploit
  • EPSS 44.63%
  • Veröffentlicht 31.01.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:23

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

5.5

CVE-2018-5750

  • EPSS 0.04%
  • Veröffentlicht 26.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:18

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

7.5

CVE-2018-5748

  • EPSS 1.63%
  • Veröffentlicht 25.01.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:18

qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.